Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft
File:                     yIYjh23RrY5iSiPdUossZMgKhSE.mft (raw, json)
Hash identifier:          T3GyfjKdCOzr8GFYNfpfYY/Dhs2hWxg+9oHVfSFVhhI=
Subject key identifier:   7C:18:A3:95:B6:F4:3B:97:CC:74:73:0B:C0:72:50:D4:2D:A0:E2:41
Authority key identifier: C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21
Certificate issuer:       /CN=c88623876dd1ad8e624a23dd528b2c64c80a8521
Certificate serial:       01975E390ABDFE0D1F2EB94F580287F3A793
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft
Manifest number:          04A8
Signing time:             Wed 11 Jun 2025 09:01:25 +0000
Manifest this update:     Wed 11 Jun 2025 09:01:25 +0000
Manifest next update:     Thu 12 Jun 2025 09:01:25 +0000
Files and hashes:         1: 6bGSQZyXICWLbBfHBORwDUVmEgs.roa (hash: 1jQZKU6KRpYxffMVHliAkA59/J/hUE4iGAwCvJDdSlw=)
                          2: yIYjh23RrY5iSiPdUossZMgKhSE.crl (hash: ePMrbtdfxICNhXTfCuvq9HGVkfsVNXPOTh9wvpL5ERk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:39:0a:bd:fe:0d:1f:2e:b9:4f:58:02:87:f3:a7:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c88623876dd1ad8e624a23dd528b2c64c80a8521
        Validity
            Not Before: Jun 11 09:01:25 2025 GMT
            Not After : Jun 12 09:01:25 2025 GMT
        Subject: CN=7c18a395b6f43b97cc74730bc07250d42da0e241
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ea:a9:43:df:8e:9a:d9:29:f9:8e:69:bb:3b:
                    66:19:ec:29:fb:a9:93:6a:4d:81:ac:60:2d:63:27:
                    0a:f2:a3:46:ce:3f:2a:8a:cd:87:72:72:b3:7a:44:
                    47:50:30:43:c9:12:28:10:40:9f:f8:fd:96:e8:8c:
                    ec:eb:74:07:54:6e:a4:e5:31:c9:a3:a7:ea:17:51:
                    6c:4d:2d:51:6c:a6:e5:7c:77:5a:a6:28:68:8b:1d:
                    95:d3:1b:af:cf:b5:a2:c1:37:46:1b:ec:58:8d:a1:
                    8f:2d:50:2f:b7:a1:18:73:b9:93:21:02:1a:02:31:
                    ed:05:ad:bf:d7:e0:a2:4c:83:2b:2b:36:f8:5a:7b:
                    0c:d7:d5:30:5c:e0:c0:7b:d9:fa:0c:56:9c:2e:91:
                    48:09:68:98:14:c9:af:6b:ff:40:3c:a5:b1:7f:a2:
                    7a:51:3c:a4:fd:d4:32:28:01:45:6b:26:ed:af:f6:
                    d9:b6:8e:75:c4:99:48:74:ac:4e:fe:44:a8:73:9c:
                    d2:80:10:59:3a:22:73:e4:fd:01:cc:74:6a:42:5c:
                    e7:f6:95:6c:46:30:17:24:b4:9c:c5:63:ad:55:82:
                    ee:4e:a4:1e:dc:61:18:e0:ae:cf:c6:69:2c:60:f1:
                    c7:33:1d:3b:09:3f:8b:bf:c5:2c:a2:40:36:4a:27:
                    39:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:18:A3:95:B6:F4:3B:97:CC:74:73:0B:C0:72:50:D4:2D:A0:E2:41
            X509v3 Authority Key Identifier:
                keyid:C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:93:62:2d:2a:a5:8e:cf:27:8f:e8:c3:e0:54:b3:1c:70:ed:
         de:81:9d:9f:d9:78:2a:ef:1c:12:82:67:d4:c2:ac:22:5d:4d:
         94:57:4e:58:16:1f:96:5c:60:f4:d5:b3:d3:e4:72:b1:2e:7b:
         e3:22:ef:aa:d9:17:0c:75:06:f7:78:e6:eb:eb:a6:48:5d:a6:
         cf:bc:8e:71:de:33:a9:a9:6b:b5:10:89:9e:83:51:31:71:74:
         db:02:80:bb:96:4b:b9:9a:20:02:39:7d:4e:65:28:22:d9:3c:
         1b:53:cf:dc:fe:60:46:71:b8:59:7b:5b:fd:e6:04:16:5f:e3:
         a1:69:c0:cb:3c:ae:38:ec:8e:f2:c5:1c:61:7c:42:d1:9c:56:
         29:f9:c5:97:b9:45:1d:db:be:50:98:9e:ec:1c:22:11:6b:28:
         2a:2f:12:74:25:ff:9e:5a:da:56:25:71:55:d8:3e:1f:b7:55:
         08:7a:5f:d3:7d:9a:b3:24:93:5a:07:af:8d:3a:43:25:b8:2a:
         66:0c:9f:03:7c:e0:b5:91:f2:b8:9c:55:09:6e:14:06:5f:ca:
         ca:1c:a5:ab:6a:0f:27:69:3d:2c:c8:86:ac:af:19:7f:df:22:
         44:68:d7:d2:b4:ae:95:2a:ad:84:5b:3b:8a:d8:10:eb:55:81:
         92:b8:0d:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeOQq9/g0fLrlPWAKH86eTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ODYyMzg3NmRkMWFkOGU2MjRhMjNkZDUyOGIyYzY0Yzgw
YTg1MjEwHhcNMjUwNjExMDkwMTI1WhcNMjUwNjEyMDkwMTI1WjAzMTEwLwYDVQQD
Eyg3YzE4YTM5NWI2ZjQzYjk3Y2M3NDczMGJjMDcyNTBkNDJkYTBlMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuqpQ9+Omtkp+Y5puztmGewp+6mT
ak2BrGAtYycK8qNGzj8qis2HcnKzekRHUDBDyRIoEECf+P2W6Izs63QHVG6k5THJ
o6fqF1FsTS1RbKblfHdapihoix2V0xuvz7WiwTdGG+xYjaGPLVAvt6EYc7mTIQIa
AjHtBa2/1+CiTIMrKzb4WnsM19UwXODAe9n6DFacLpFICWiYFMmva/9APKWxf6J6
UTyk/dQyKAFFaybtr/bZto51xJlIdKxO/kSoc5zSgBBZOiJz5P0BzHRqQlzn9pVs
RjAXJLScxWOtVYLuTqQe3GEY4K7PxmksYPHHMx07CT+Lv8UsokA2Sic5JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwYo5W29DuXzHRzC8ByUNQtoOJBMB8GA1UdIwQY
MBaAFMiGI4dt0a2OYkoj3VKLLGTICoUhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQt
MmViNTEyNjFkZGJhLzEveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQtMmViNTEyNjFkZGJh
LzEveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALJNiLSql
js8nj+jD4FSzHHDt3oGdn9l4Ku8cEoJn1MKsIl1NlFdOWBYfllxg9NWz0+RysS57
4yLvqtkXDHUG93jm6+umSF2mz7yOcd4zqalrtRCJnoNRMXF02wKAu5ZLuZogAjl9
TmUoItk8G1PP3P5gRnG4WXtb/eYEFl/joWnAyzyuOOyO8sUcYXxC0ZxWKfnFl7lF
Hdu+UJie7BwiEWsoKi8SdCX/nlraViVxVdg+H7dVCHpf032asySTWgevjTpDJbgq
ZgyfA3zgtZHyuJxVCW4UBl/Kyhylq2oPJ2k9LMiGrK8Zf98iRGjX0rSulSqthFs7
itgQ61WBkrgNbQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 12:42:36 2025 by rpki-client